Ullaakut Astronomer Versions

A tool to detect illegitimate stars from bot accounts on GitHub projects

v1.1.3

3 years ago

v1.1.2

4 years ago

Bugfixes

  • Repositories with fewer than 20 stargazers no longer have percentiles displayed, since they are not computable
  • Repositories with between 201 and 219 stargazers are now rated properly

v1.1.1

4 years ago

Features

  • Change rating system to use A/B/C/D/E instead of percentages
  • Adjust rating system to be less punitive

Misc

  • Update expected astrolab response, since server side was updated

v1.1.0

4 years ago

This PR is the most important yet. It makes Astronomer sign and send its trust reports to Astrolab, a server in charge of collecting Astronomer reports and serving GitHub badges.

Features

  • Most of the code is now separated into public packages
    • github.com/ullaakut/astronomer/pkg/context
      • Only contains the astronomer context, used by all other packages to contain data on the current scan
    • github.com/ullaakut/astronomer/pkg/gql
      • Exposes the FetchStargazers and FetchContributions public methods
      • Is in charge of fetching data from the GitHub GraphQL API
      • Handles caching of this data
    • github.com/ullaakut/astronomer/pkg/trust
      • Is in charge of computing and rendering trust through the Compute and Render public methods
    • github.com/ullaakut/astronomer/pkg/signature
      • Is used to sign and send trust reports to the Astrolab server
  • It is no longer possible for people to build the Astronomer binary by themselves; they must use the released binaries or the public Docker images from DockerHub. This is due to the signing process.
  • To prevent people from using --all to get better trust reports despite their early users being bot accounts, any scan of a repository with more than 200 users compares the first 200 users to the rest in a comparative report and selects the worst trust factors of both reports.
  • Astronomer now outputs the URL of the generated GitHub badge from the current scan

v1.0.0

4 years ago

New features

  • Always scans the first 200 users (if there are more than 200 stargazers)
  • Build a separate trust report for early stargazers
  • Compare each trust factor between the early stargazers and the new ones in order to generate a trust report with the least trustworthy values from both.
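
The comparative report described in the v1.1.0 notes and in the list above, as an added Go example that is not Astronomer's own code. The factor names, the per-group averaging and the higher-is-more-trustworthy scoring are assumptions; only the 200-stargazer split and the worst-of-both selection come from the release notes.

```go
package main

import (
	"fmt"
	"math"
)

const earlyCount = 200 // the release notes compare the first 200 stargazers to the rest

type (
	Report    map[string]float64           // factor -> score; assumption: higher is more trustworthy
	Stargazer struct{ Commits, Issues int } // hypothetical per-user contribution counts
)

// buildReport averages each factor over one group (an empty group scores 0).
func buildReport(users []Stargazer) Report {
	var commits, issues float64
	for _, u := range users {
		commits += float64(u.Commits)
		issues += float64(u.Issues)
	}
	n := math.Max(1, float64(len(users)))
	return Report{"commits": commits / n, "issues": issues / n}
}

// Compare keeps, per factor, the lower score of the early and later reports.
func Compare(users []Stargazer) Report {
	if len(users) <= earlyCount {
		return buildReport(users)
	}
	worst, late := buildReport(users[:earlyCount]), buildReport(users[earlyCount:])
	for k, v := range late {
		worst[k] = math.Min(worst[k], v)
	}
	return worst
}

// sampleStargazers is constructed data: 200 early accounts with no commits, then 300 active ones.
func sampleStargazers() []Stargazer {
	users := make([]Stargazer, 500)
	for i := range users {
		users[i] = Stargazer{Commits: 10, Issues: 1}
		if i < earlyCount {
			users[i] = Stargazer{Issues: 4}
		}
	}
	return users
}

func main() { fmt.Println(buildReport(sampleStargazers()), Compare(sampleStargazers())) }
```

On the constructed sample, averaging the whole repository gives a commit score of 6, while the comparative report gives 0, so later organic stargazers cannot dilute an inactive early cohort.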

Enhancements

  • Remove the --fast option, replacing it with a --all mode, disabled by default, which does the opposite of what --fast did and scans all of a repo's stargazers
  • Remove the --details option and replace it with a --verbose mode which defaults to false. When set to true, it shows the intermediary trust reports used to build the final trust report
  • Update trust factor references to align with new computation method
  • Remove @jstrachan from the blacklist since his GitHub profile is now accessible again

v0.4.0

4 years ago

Features

  • Add fast mode (enabled by default) (#17)
    • this mode ensures that if a repository contains more than (by default) 1000 stars, only 1000 random stargazers will be scanned among all
    • the fast mode can be disabled by adding --fast=false. The number of stars to compute in fast mode can also be changed by using the -s or --stars option
    • this means that with the default value of 1000, scanning a big repository with thousands of stars takes about 25-30 minutes
  • Add scanFirstStars mode (disabled by default) (#19)
    • allows scanning the first X stargazers of a repository. Useful for repositories which are now big but might have cheated at the beginning

Improvements

  • Red color threshold moved from <25% to <50% (#21)

Bug fixes

  • Percentiles are now computed as a part of the overall trust algorithm (#21)

v0.3.0

4 years ago

Pre-fetch system and progress bar

This release introduces a new pre-fetch mechanism which quickly gets all stargazers of the repository, 100 by 100, without their contributions. This step is fast and allows Astronomer to do a few new things:

  • Filter the list of users to be scanned for contributions, removing blacklisted users (see documentation for more info on blacklisted users)
  • Predict the number of users to scan and generate the cursors that can be used by fetchContributions to navigate through the users
    • This means that implementing the fast mode will now be trivial, since we will just need to reduce the number of cursors we give to the fetchContributions function, and take random ones. (See #10)
  • Adds a progress bar system, with ETA, elapsed time and a live progress % calculation (thanks to the awesome mpb library!)

Additionally, Astronomer now properly notifies users when their GitHub token is missing. It also updates the documentation to add a gif of Astronomer scanning itself.

Binaries

It is also the first release with a specific tag on the docker image (v0.3.0) and binary releases in GitHub.

v0.2.0

4 years ago

Improvements

  • Using the GitHub v4 API in order to make fewer requests and get only the data that matters to astronomer
    • This increases scanning speed between 400% and 4500% compared to the 0.1.0 version.
  • Improves the trust algorithm computation
    • Private contributions count about half as much as other contributions when computing the overall trust
    • Issues, PRs, code reviews, commits and repository creations also have different weights when computing the overall trust
    • All percentiles from 5 to 95 are now computed when the --details flag is enabled
  • Adds two options
    • -d, --details which makes Astronomer print more detailed statistics
    • -c, --cachedir which allows users to specify a custom cache directory in which to store cache data. It defaults to ./data.
  • Update documentation
    • Update screenshots to use the latest version
    • Document new options
    • Document go install procedure
    • Update FAQ
    • Thank Renee French for the Go Gopher

v0.1.1

4 years ago

  • Improved error handling
  • Updated documentation
  • Fix caching issue

v0.1.0

4 years ago

Features

  • Computes trust from given repositories
  • Caches requests from the GitHub API
  • Comes with a Docker image